Views:
The main components of the Celerra antivirus system include:
  • Data Mover (includes the VC Client) located on the Celerra File Server
  • AV Server (includes ServerProtect for EMC Celerra and Common Event Enabler (CEE)) located on a machine separate from the Celerra File Server
Scanning is done on a separate AV Server rather than on the Celerra File Server. This ensures virus scanning will not impact the Celerra File Server's processing power. Connecting multiple AV Servers with the Celerra File Server evenly distributes the scanning workload. Scan requests and files are sent to AV Servers in a "round-robin" method. This evenly distributes the workload and improves scan performance.
Remote Procedure Call (RPC) connections maintain constant communication between the Celerra File Server and the AV Server(s) for round-the-clock assurance that only virus-free files are saved to the EMC data storage system.
spemc-cava-architect.jpg
ServerProtect for Storage with EMC Celerra Scanner Architecture
The following is a description of the ServerProtect and Celerra antivirus system workflow:
  1. A user or application running a Windows client accesses the file from Celerra using the Common Internet File System (CIFS) protocol.
  2. When a client attempts to modify, close, or save a file to the Celerra system, the Celerra File Server triggers a request.
  3. The Virus Checking (VC) Client on the Celerra will request a virus check by sending the Universal Naming Convention (UNC) path name to the CEE of the AV Server.
  4. The request is sent to AV Servers in a round-robin fashion.
  5. On the AV Server, CEE requests ServerProtect to scan the file for viruses using the Real-time Scan function.
  6. Simplified scan results:
    • NON-INFECTED: file not infected, or disinfected (file can be opened)
    • INFECTED: infected and not cleanable (file access is denied)
Protecting the Celerra File Server is the main focus of SPEMC. In SPEMC, virus scanning is made in "on-access" mode, and takes place on a separate machine (AV Server) that is running Windows 2008, Windows 2012, Windows 2016, Windows 2019, or Windows 2022. The AV Server protects the Celerra File Server. This differs from the regular version of ServerProtect whose focus is to protect the Normal Server.
When a client attempts to modify, close or save a file to the Celerra Server, the VC Client on the Celerra Server will request a virus check by sending the Universal Naming Convention (UNC) path name to CEE on an AV Server. CEE then requests ServerProtect to scan the file using Real-time Scan mode.
If the file is infected, ServerProtect performs a designated virus action. If CEE reports the file has been successfully cleaned, the Celerra File Server lets clients access the file or saves it to its attached data storage system.
Related information